firewalld-0.5.5-lp150.2.22.2<>,& \/=„h :2 igbyjhBOFpf=֡zЃcJT5)|i޹~ݒ-}'(8|gq`:P2?TnrRm|-rjS`foE^Q_NxƇ"gx).8vLucБ]F#V:| c>L?d   c  &G`fm 4 h         _]  ` d j oZo sst4uh(u8u09vx0:zC0=>?@'F/GD Hx I XY\ ]  ^b"cd]ebfelgu| v w  x  yz(,;<@[\`fCfirewalld0.5.5lp150.2.22.2A firewall daemon with D-Bus interface providing a dynamic firewallfirewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface.\lamb57openSUSE Leap 15.0openSUSEGPL-2.0-or-laterhttp://bugs.opensuse.orgProductivity/Networking/Securityhttp://www.firewalld.orglinuxnoarch test -n "$FIRST_ARG" || FIRST_ARG="$1" # disable migration if initial install under systemd [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$FIRST_ARG" -eq 1 ]; then for service in firewalld.service ; do sysv_service="${service%.*}" touch "/var/lib/systemd/migrated/$sysv_service" || : done else for service in firewalld.service ; do # The tag file might have been left by a preceding # update (see 1059627) rm -f "/run/rpm-firewalld-update-$service-new-in-upgrade" if [ ! -e "/usr/lib/systemd/system/$service" ]; then touch "/run/rpm-firewalld-update-$service-new-in-upgrade" fi done for service in firewalld.service ; do sysv_service="${service%.*}" if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --save $sysv_service || : done fi test -n "$FIRST_ARG" || FIRST_ARG="$1" [ -d /var/lib/systemd/migrated ] || mkdir -p /var/lib/systemd/migrated || : if [ "$YAST_IS_RUNNING" != "instsys" -a -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi if [ "$FIRST_ARG" -eq 1 ]; then if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl preset firewalld.service || : fi elif [ "$FIRST_ARG" -gt 1 ]; then for service in firewalld.service ; do if [ ! -e "/run/rpm-firewalld-update-$service-new-in-upgrade" ]; then continue fi rm -f "/run/rpm-firewalld-update-$service-new-in-upgrade" if [ ! -x /usr/bin/systemctl ]; then continue fi /usr/bin/systemctl preset "$service" || : done for service in firewalld.service ; do sysv_service=${service%.*} if [ -e /var/lib/systemd/migrated/$sysv_service ]; then continue fi if [ ! -x /usr/sbin/systemd-sysv-convert ]; then continue fi /usr/sbin/systemd-sysv-convert --apply $sysv_service || : touch /var/lib/systemd/migrated/$sysv_service || : done fi PNAME=firewalld SUBPNAME= SYSC_TEMPLATE=/usr/share/fillup-templates/sysconfig.$PNAME$SUBPNAME # If template not in new /usr/share/fillup-templates, fallback to old TEMPLATE_DIR if [ ! -f $SYSC_TEMPLATE ] ; then TEMPLATE_DIR=/var/adm/fillup-templates SYSC_TEMPLATE=$TEMPLATE_DIR/sysconfig.$PNAME$SUBPNAME fi SD_NAME="" if [ -x /bin/fillup ] ; then if [ -f $SYSC_TEMPLATE ] ; then echo "Updating /etc/sysconfig/$SD_NAME$PNAME ..." mkdir -p /etc/sysconfig/$SD_NAME touch /etc/sysconfig/$SD_NAME$PNAME /bin/fillup -q /etc/sysconfig/$SD_NAME$PNAME $SYSC_TEMPLATE fi else echo "ERROR: fillup not found. This should not happen. Please compare" echo "/etc/sysconfig/$PNAME and $TEMPLATE_DIR/sysconfig.$PNAME and" echo "update by hand." fi test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -eq 0 -a -x /usr/bin/systemctl ]; then # Package removal, not upgrade /usr/bin/systemctl --no-reload disable firewalld.service || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_STOP_ON_REMOVAL" && . /etc/sysconfig/services test "$DISABLE_STOP_ON_REMOVAL" = yes -o \ "$DISABLE_STOP_ON_REMOVAL" = 1 && exit 0 /usr/bin/systemctl stop firewalld.service ) || : fi# We might a have runtime configuration which we haven't # made it permanent yet so restarting the service could be # dangerous. It's safer to not touch the firewall ourselves but # Let the user restart it whenever he feels like it. export DISABLE_RESTART_ON_UPDATE=yes test -n "$FIRST_ARG" || FIRST_ARG="$1" if [ "$FIRST_ARG" -ge 1 ]; then # Package upgrade, not uninstall if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : ( test "$YAST_IS_RUNNING" = instsys && exit 0 test -f /etc/sysconfig/services -a \ -z "$DISABLE_RESTART_ON_UPDATE" && . /etc/sysconfig/services test "$DISABLE_RESTART_ON_UPDATE" = yes -o \ "$DISABLE_RESTART_ON_UPDATE" = 1 && exit 0 /usr/bin/systemctl try-restart firewalld.service ) || : fi else # package uninstall for service in firewalld.service ; do sysv_service="${service%.*}" rm -f "/var/lib/systemd/migrated/$sysv_service" || : done if [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl daemon-reload || : fi fi<Czz}wUZzx& cH %@ZS3&I(1ZvR00DD;uvaGt*]W(DV%pOW \e) 67IQ+&AV4)7I-PQ`6<CI!:;NL +%#0q;7x( %IF*!I%C D 7@`  L1AA큤A聤AAA聤AAA큤AA큤A큤A큤A큤A큤A큤A큤A큤A큤AA큤\e\e\e\e\e\e\e\e\e\e\e\e\e\f\f\f\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\f\i\f\f\i[\g\i[\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e\e25a4325756ebc1ca8330303705c8add2c5ac77b8950cfdf90256fda78c137f6f523aa4fced0f8c0e7ee6d2ca7a1f8b347cb0f2c3c1241051eb7ea57fe0e25c48cbc2a0bce478a07447b99297b641992499a0a5417a2b972312cc6a00a3955c83120a02e9b88ba74949224eca7385825e39880f5687f739ade07d94ee22ffe325f1d3b47820266ecc343c828f969d479a5828912a81bbc1c0226e100ee24ed537e12e576ec1073001e5bc992c5d9236e4eb627a3eeb95e18476037177e9b2ff3c5f8f85cb3a5b76b9154831fe7cede2d4d115004b36f7d4b3130c38a8165e045045b313ce514bcaa63394d4ff04d1f0f19bb3f237fe26ffe3da996dad8fc03391bedddcff47fdcfc8b038361a10ca89878ef777304aa6abb6e754eba98663d32efc1396baaeb3c1394cc2edd53343e0ef58c144b8d2838c38a65aa100e3ae19aa2775fafd0aaa0c843c05089410dcd6f52795b2ec920325ae1bbb960ff43e68f25a36252226cea7e6c19dc9354819ac3c785ca19584baedce9b600912eb24a452b9208bc832178cc8e568db8e41756943eca7d9d8cac6ce721f11c1e27f7bb44e199aee6be87fb7e521bf18f7b9a887a7ef2cc2a3cced3e95045b076300c70e71a1a9ed19ec7e8407d408721a384a7b540ea84ac7b512d064c76295d0d320854e3dc1a43b83774e06bcb009e8edec65e1f436dc67ba173b7b931b8a1f6784c856101f49623d9031609fab630cba659b25dc0bef6755dc30b3533c87b031a62d8062f0c384313c589cd3653e3bb4b30fc99b862604c1a2f5a095bcf8e3da28a4bfa2e2f3c0f7499e4502e81343fd8e0252d64858f2862ea3848a68c07b0e5edaa6faec51e2397c0d508fa59a6f29c8fd6855292250ab4c4a72bd06dd688736241687533748f6dc4bbca3e3cdf8c94cf0acfd84dec365bfdaabaf910c8ee1ecc4bf5520541e5f8df310a5047000c62e17525180f2a86f6ce68e9a515b65dc530034c0dab1adb23553e78c7a09856b827a2a8f627adf5bdaa673d939710c4bdc00b75142a33df23b4bbbdbbe7839cb0a9606123019d2e10db1c7e8ba3fd22fe7ae91a9dd785836f3c5eb2722fc5d452a9a48d35c620ddb928b9ca73002bf788026dbf1cb22e847d20c5586ac7755245fe2b5703ffcaf8ef3e26e54cd12ad7f1bec610efd7cce04ec7aaa6fd1b5dbdd5197229e28a9140d2ec3330077b009e7adcb444c223255e501b772168a31cb8a7b7b32334dbc76c3a808d9b8fe81e4487c88c3b700fb29f8709261e69bdb327ec32e4cec986c6f4595a6e6d45cbb6ea766bd6b6efc4aeff39086a3abed5a35eece438f67c8a7badb9e48d1fe5bc6753dbe5b06d58fdde34afd628972b18b679631a693f8d7d5680c79e36ed9186066ec7d15615bec19eda90b1a47a57a44b2113b3f72b4d7baabf4a200909bf7f8bab098701c599d449eaa1a674bb9f1ef062b43f8303df864ac007e4e7026f53d0021ceff4da7082c395c04ef3f03e62c5315ff44cb6f526b17ddde31c6cc8bc590c31687d92c8b531f1085806a0c8c8f148f22916719259638b0a09701ff630db1e19d7b261fe4579baf77416679255a768a30b1c24122c5af4ea3de6b4f509e76874a802b40725ce6027337b344ad530dcf819ecd4eb457e922bdf3ae18dfcf9ab9a6a90b974000364b17ea5a97eb04dcba874203aaefaadb6d49e6dba604f2c56a86a40d1545628325b41597c43ad9d844a5f81a679eed87f0c0823532c1a4048aaa992627224cf6a6495e0918ccd10b74be16656832a919e2aa387204c7448c5881286588edb7d1caf35a624b359789c358f1960327298053213306b46686468e0a06174d343412f91ba070cae8857aac9918c4a5b01ec0cabb40a42d82333f9b9c4b188a31142ec3baaa690424032d46c444cce83e96ce078fa382d37c85ec9ceea4acbb2e0d625d33f1f8e60131dc0301f343f63a74d5d009a962b790b3b39e234754ec20cacaceb318f51e93b2f5bb04720029b75c7545dbe5b6b0a7d3056d680452b851542a35535f65f5df125f28ed354bda85ee118e7f27cc7d08008a6b4fa633a605c8ace6397da68050e859129269142254cb0862a578bf89fc93536581d2549cf02a04e67230416e7f6bd164ebdcf3ff99843741e4540ff406775f76022c742110062306bad0e4d08a8aafa61839f1cc3665fe1c23fd61bc163203ac6036847164c8610057d01ba92ddf1e152c42256780ce14f20560c5cf6277be0955ac236e37c8fa8972eb7238927b3b25adfebdc8771210298d34fce9370bd5b6f60f641166a3aebc9358e694a895b78c02ef97f15ea1fdc12906cad7d44149863f858039f9704f92b26e855f266be4fc6d86d2be4f8910fd61d10f7ca48fcb3f4f4de37586d800d92d04a1945a00648a116f895fa71e585c6f7fe945a82bac835f504c88def827aca86aaad3fa75e2cd178b49e1813f83588822080f1a720423ecdb84608e421b0c496a0c536b6013dfa457299680ea8cf619c84712de2329e1c80cb905b95afa657eb4c2ce36827de5dac30578be7673090fd7843cbe7b0060c8da576e360c4976bd8de87218e842edf514f4fe87290ba306daf33ccfffb779bdab4742a47d40e748ca2c98447a02e78c99e7ae3f33303cbcb65c6d2e0c5afb044d0e43751d2f574a3596e3a693907281e0d03e20199679de339ac0b5e64fd737311e3223dc4929952d4962c727208383786a5f498f22e63bc005fa8e888dd3d17bc4dc7fe07caddf55734354f09870a9aa97a4d4d43f5cfd94de26f81afd1e8e2336024037184b45c383a511d5b44892cf5656acb3c1bc34e2df5712463764a6432089b9a1179a763c7048a0a6d555dea3348a8fb4d04a79f02cf5ebd976986312394939b4d4e1f876b0d07f1b5a290e77b61cc9d25ce8a47f1261761b287113f80709d1337054cb570e5517741d40d434c4f7b4544ec0e60769ecb6d9ff9d7a52c033f89c49e05e89994f238744adaa33000c69573266da16e12d12f5d83ce93c596cc73c1309e714681fce5e4d7ec9f281c89a189e1d90dab868ea46e015b9c00bd7777257c644df62e0bcb01432e7331189831ea140c407570143c8ac42f4452c15b5d2b6f1454a5b1dfbe17d24096a52bc7b7a4ea25c8ad294fa181d3c2c275b311245fd16492fd98f2d41ae7bef6701fb5f86a4e65a416176acaee92d33c8b2311e0650712c774038e1d3af9fef6eea39a6c65bed7d3158520fd491749f473a55cf84707e6e6cb7da6f0cc2b8d6316cf50e7c96b60bdbaeea7078f71ea155c6a86d28e6d9b858569562eea06d083f7229f40031caf4364b910c8e2459ac2f0afc36eb561b56f94100397f3ea8924cdea4360813a1660c4679e49868e59bd98c31baecd00d0686c55beceae3bd5a6f0b0b5fdd19c3d2c8143c3f500d3d8b2f9747ef18c6c7f485576eaa37e4080c554937b4e18503f54007310784922b51d4657d85ed08c754fc2666229616b30181ab40c720a91cffe0eb4a7e7fc8776d6001d329277c00003d7e7cc1a3084e76305c230c6c185298313accfa4d7902694a65cba8e8b741f4fa0c82708f712bda074b414a357c8bb9758d0955f6d4e9d828f6dcfe5a62af4e278d035b6607c27f19a580a83357f6bef45e579a36fb8b63df56a15a45ec36f0fb4ea428f374b1cbece77e2a5599d9fbc29807b2c687e99d3096854b99d629df8673e94e19612c1a860db9b19ef19d87423f4bf87c444578db03dbc5fd661470724a4cdc65db29172db25009ac8d99012f3156f8c620ed87903148207ceb32469fb5de4fdcad7fcb94e2fc967dec92514a8956922e252c350f4b34d4b9a6c6345b4d55a3c9665170eacb8ca861c93100c4702bd37ab1fc29255f6a3ae0a89db8c2760002126891a365ceff8e2689f3d52613ab5bb7b0f845f829950cc8712878ff9af444802cf22c1744d36f38d028e3065f1d28e93b22ecb82c61884d00701245ffef25b30dc74c65a1898fa0e8e279607bf4212eccecb415803c6da50d96efbd09c00a89a3fe3e7ae7be4ea6850b2cb3881533d6f3303fe37cd55b9a3bb2d4c4d149f63ae7448df755a5d87cde2b563829723a57ae7cf0836db65f0e2ee28c8ab41b1524a748b6784d0193afe901650a67db7042e55ee26719eb794a46300bceed7262846f469f0b9ce3bbdcc44f988b1fb06b70193647961e59f5b4f3fe10ad3d9257a704363845ed7cc713a8cb8b361d6646d651c94d32459fbde573295f9ed593864ceafa85bb880fe8caf88cd9e1428cde3ad3f6e747c7dbfa875cb14eaa84ae5fd96dbfd8ef143ff82792648f15b7995abe893cf761d8ac7d68a4c5a3a48f71dbf2e8c6b803d93cff1947504ecbf14d92a120a9f1bd78a5fad8d4224082ce2a9c477f94066c267ac62a3eda40ae432bb06bc31a9c09c6caf67d046dbbdbfd9689f663e388e9e9b948215e8aef5ff967c5458bf90e6e4c198a56355e91d46f2bc138ccf37b36c4277b02e4f936d77b8bffc109fcceb7a24697b22221c111aa4b5018883cd643be7815c721242422d4bf20983ec79914b614cb1b9c195cdd67bb9553c87a43dbecb964e7cfa430abc8f83decd663aba9b06bb69ab6dfce47cfe4b65cd7a618ca2f9828a8648606019f56fd67664081a5b6855d1311e3e9f8304d77b762865fef50aa05bb45c2b8d84de2a4a74b3a542c631524f4d4279488b0f173908262db03e108c1ac474eb426656845a960da22f242150dfbbcfbc22950622dfcab275152ba520e052f197f0a95d8f35c3211a4a59d0d4d919b0bc8648cc255d456fd2d3644b3953f14e8c526b7e244964202d606873b47811fa459f7364ce3eded1f816596df0dbb12a4f5ba2734ad31ad5bbd51bece67283d48f53980efd3195549a3c973a0dee0a960973e6238493ce413d7087b92cf4ec8fd783801d56e5255617a7e77590b7ce8a68340d461bc4bc17057e09b7d6f63387bd4b4eac4fa0be8bd3b6f7d1414cf632f6588e1ec70cc3046d47334a392720816c6f4445fa132b875843fbd2b4dd976f0ae855862b7767fa84d17461d2c5fbb3eb92f4f7b350a5514170242a0e885c40f859b8e7492ecec34692db6d8c3f09fa8dd5585c5f3e43ccbefbf7c35c2968e0d23586d0bf6c95a13f82c1db840dc49032aba8c8d9c117e6ab80e90bcd60e3092cc4ec549484774c077907366bbefc5d7d443d0e3983300bdc6db114efe2bd4b51c6daf31e4b90129e00b0b3b016df15a9f0ec7eb6e331bb4e6a8e519c21bf1f8be32138925fb57c60fb14dc35398840292a12c7804668d7856c04bb396a182eb5a92e54cd56dcb531e366274dc051e81a8a89bba0b312332069e630341b71fc02c7b94302a85323a448459de00a5cc0ce5bcbab2314660e64adf0d870868b2f7127ec155bc4a57de6ab4e3013e7ad07cbac53f0cab8ba4e91d0942bff0fa86669763f091122c4602fbfc580ecd10a6816918f236dc8b65f609b3af3b30e3109a6a6d0efd947e8e7110ea11d503deff5f77a6d32bffd22e2d30dd7418f0ab085d28880c5faaa001c0f4aa53340696ec79dfa4b86d4ac385d29f8dc56948f75d56c0d58fadd20aaca7dcc5fb9792f18e1531a863a165317c3ef38f74efdeb8f7423f10baa7baa197334d52eb5fb6479a9fc9654e034b16761bf37d118f5731556a1acf52e49ee576bcc10a466d14a05402ea238ad55284f5733ee4f5a74ed351df315164747e3f7c67cefa7cc207a13d136cb9495d5048812dbd0fda2b106f7f37b9d6e5e3cfab11f13c84cc108c834b47444b2137fe06605ce110f0935c6205c03fd0a109f899db4bdb3176b23f7832b0af7cd24cb7d6b050b4b158286fbd44eaf03b8025ee38be76cf98d438bea2522e60786ea9911eaba46c8168767c47a1f1022594c61dba1acd00786480220644652bbed0afde92fd6fcb9838438185d5f12bde6ce67dad532083a5eb72eb4a88ff398189fd3f1f1fba18126bc5b9d892f909a7b41ada30d96466d0db5455b3846ad7fe27107a1c0452d4974c79cd39bcb785f2e3aa7b36a1f8cd883f2bf4f3d1bd97183ae7fcf0246dd6b1e2fed73f630e22be315409c984d374658d61f5d546d717f146ae164809bf8266559a1f42a3c47a220f70e6a74d695f4c7dc6d7c1f82bbd4bf3560b7b96d38a8327f1888a05651ea6139eef97f74ff5ae74ce640f6df83c86894842e1ec6348c45c1a3689958df24d00eac2505b8c9f04be56860390a76dec536fd431cad1829036e104c805f0712db119ceebdd40c009bd4419692c6975b7b1e49f67de2ce41fd76a3ed2cff83f6b36792798ee99ed2e442f98d78de6dc0f2b0cb8e475597224a094cf6dff24061650d5785242e369d909c202f99a3810ee5830dfff9a97e7ffd2fac2eae8a03ca61de100fb15594b4ad1afd5051ab54700863f6de6fc0551761e1bdee38cd2dd16cb23b96b7729f3ffa061a8e15c282a4b7421de7dbf54048680c8a1ff121743aba930e0d6383d90e122531ff66fd70eb5ced1f3d6d1898d23b605ad074d7bd9121da3cb3bb753b004473be069ea9ca3df0aa607435a4d1f69c67d8c01fd05859413d20f16cd95bef3b50a05aacdd4c115fc24bc233030cbf061432ac1e5c87ae80041ed7f1e60cb9c1b59843649fa610134ac5a80f1d0646f5cde3b2bf1458ecfa3c12847cd6266419075250596aadd7e8f01ae30c51887ff48e1c37e78dd5b3a75ad3e7eb4ef0a6cc51959ac09fd7b618d2c50e3e51b7b3d2f62e3755de3fc22ef61aed727de79a85cc259dcab0fc6417171aeb053f0bfe056445759edaeb6f421431c21ee16e19fca257e02ad748d89d83aab48af2babcc2e570043b846772a9192cad20b2ef458f0fc2e6c0fbfeb76931a78223617fd0328ea24cc577c9a563b3279244fa3864cad213124e32a2a1357da7252c979aca82390c1a5081dfd94cec718d3c7229326a6fd90d3ca9fcba6fa35ff8172fdb96207047a1c61dbc62c3f44eaefbe7f88010ec0ec28fd1bf60f18faf6ea11f3698d184753e3c66c0fc525d13995c0a8fece6e78d164885e1ca3817b21814d52e065b9d498e44075cdf3f373cac4172779b41d8c3592fa1f8afc0bccc2a75de102cd259427b93671e03dc7a0c842c10f687b897e5d515a2b2253a62e179458d54b5a56f9b41b3d62ebff5bf535059b929fa239f59e8274202c37ddb2d19bd02b60473e56d1b8343682a9c6f5b82bda76248832d8cac360e25fa7a0dd0d9cdefcff7aac3db81fed513835e1b362453eda47aecf07eb2a31b2a7cfda86f33ec4f5dc3e0a92d4e9aa75aa110f86ebff3a8a7baab6b5d813ba26a649789af09b2295c4362f64352c094dc66a38db9e84764d4821b4f613559746a783d58fda602618616d135dc7eff0a8062352e2f1d36a9412496d03ce2364723ef0cfaa18d614dfc40dff999d61cac5ef41189b2581f74b6ee71fecbb2f74c43f2c5f9e0fab026117459bd5c399ca340d222228c7c136b34380ef8a8baf871b6b7584c295e89622172eec81979815d1750cdf9c3be68d71d08267d5bf7b9f026e76ef26d6d8c83b760c70473db870e7753f8528f640525af6c67ef68f32d002b13a91d033328fb0bb994dc29f996eee08a7b3adda2194ad6366b2c81d1b8ad26b274c135ec58ad0d6bc82fbd5844102adbb70c35b0ded286359cddcca706b5b0173f2d7271c9ea4e1e73fe10f12b68c19942c0305c349f399c970d34b7a1bc1482e2ebe9ff13e4c4272b3a9d5217f2eeed44a6714bdeeed66361e11b52a5bd20ed57ff8afeaeffa9914a776c2684eb87bd75c3b9fb1632550b5ee46952fc55cea726fdd3485ed96226c8140393964a80f3f3e06dda77f25d351049b1dd4964f3d4996ddda1d50a74f6b6463770d1047fc49852d2c595fe295ba2db75476dbb053e21c59539e039bde113c368bd9c9fb3f165f5e63dc769264fdf3e42bf600a493a96c4ab853e57877452636b3a1cc969ec4c9dc644f6e90128811479e4eb676ec55b32388e449322fdb6230901725844a8ed6cc3c2c25e483cbf096d83551ede1be300e3670d86926954700579c4a1453f9fff573a2b9044d18d30a193da28a4c25d9e67380a8551e63b3391d5adfb2401dc6800e8dfcb59ea800051aeebc23f8f387c48749c2f8cd5371f0a215c1097e30c0b814270539bdc25289ead377d6d529a217c7c31a623232d257d2f2763be3b8c35c31601068213ac829fd1ca8c0c362779cc62cf5e7530e9400577a42311da255e168832526fa471ff1d26c88e63184fd6b359d5c0ea97324fa251e6bb52320f3fd3f695a18ee14672e895f6c7a168dc852e8679c23122a76fd21de94ce714054ba2b6b4d2bbb85a945febb7c1d799f3dccbde083958e6edba185fc4e14fd7f9eb8f784021632bebe9ebdcf929bdb690b4ca7477bea940d8d4407aff9ef360ad3460842f81206e44e71413dfd9221ef764332f8c838438e3c840138ac370afaa97d6982ff54a749134e323bdb8885e267ba533f217a68f9080cfaed9a80941c633424dee2c59d26d3c4d37ffd40589a0baebe98ad10ed1848d0635c503ff0da8e3e005857ca992d3615e6d92c01048191f2dc9341a853cba1f3cbba554cb39891ec0c08934536c5cb2c0f9ed2e686d7dc9df91fc8cfb6bb093f1be8cfbc8afaa62e34a643beaede1c88eb7550837d40cdf4789dd5e3e8088a8f263b2632e2355fff581e4c61f7174e04d593c01088d952bfda83883640a8d368c9ebedfc135f60fa1294a4c1794a2e0fdaba1c5f70e2f011a9d9b987e43368ce1d582ee4b43006da4dd528bf35cb182af12dfefeed7d3dcbcde08a17475e86be6b3d3c9721d8490c4adcfa2ee5f8c949e4b3bcfd87abf128a77f3f5cdd538e507911e5109ee6330983a0149b2f231db5f2d4c14825e1d6778be669e9521c4273fd4e1ff37e5c839b2e100b9bf853191a3ddb4c9fbad4d13f0123139c60bafc79f7ea5105ee6e745e7825bc674c4f519edd8eb9060aeaaba876d7171f3063eb56beaf3cb3d1b3b567b5b3fd2e47b450d8a2a9c5b2467570eb4e0759e7a52881913d7d67713348e34be07a6fd1fd4c205c8184147cec4223451f4f48ccb459649e4e0dc4c30fd5f29e26830311f0940aa7a183f3cbc19188fc8c42a127da16edc3f5ba2416eb99f2c821307105f59b2414b3d3cfd0234a758d53a315f291f1c95c9c9df21ea81e56b144d6c9af4b87957be81a23d6e5a12ad601608b138e628fd744bee1509fd28f5cb7a4023031d95c3fbbe6811f1c6cadf0538b8fbfd56a74ae5992c133cda474652e3cfcb494b2ec2cb17eadd9987c0968211e14dc9eba4027d9d256c5fe2bbe907f8ca8eaad41128a48d735eb71db3519e41f3a5ba7c65a37d57c18cf2df8b3df2da09c628444bba5189af9f3a621140425b182a72532bcca784c71d2442eda18b3127700729e38c586b5e87b02686b9726735f2475c90cdf21b2ed46df03a49d41fa069b72a4a50cb11d90a4da0f92b9fb33bfe02cb4de6238233794e4a20c23bce055557ce6313433bfa84818d1bde382c9dac661d6a211579c65a0cf5871f4f08140a81cc79daa3346c41c8cc2efab00603dad70375797dff7478e6c7cd8740ad003a9e6daa08dcbe239a98e321459b4fa9fdef55339fda0ff89db53376b30693294473dd9df980489d2d54b4e4c6fec216a741d3b1bd54f8c9deb14cc862376931342230a191572188ff3e4cbba0ce374d08ebb584c2560907e76c093a5c1943c5b9f79eed2499853715604b459ab23425c0e5e1ae733785b8664b7e793a934b74d8268a90e745ae669c7f2a940e6af4f2835f734fd37ca77d4811b791ba415a1a19a3bf9ebf0685d4d45a4dd3fcf45a6517404a1e8f7c5755c5bc0491063e370de26e3700768c6607ab6c3b03a45750253c5b8aecaf4b839de68d658b0722bbaaaca11460bf452de2dfb29cc1a16d2bead1192299e5a6c15158126f0ecaf0c2e0548f70e5af12dbda57838c2e77f2f0b258dbf9b12141e46bb2a72bb02dfb197a6db6246e23bef9276188981835cb56daad6b41f68f185bb75c453f128bcdb9ff200308a5d7d0bb7af62fa281e695e7f4a260801c327875b60303979052e2208ba7ae40baac1c748963e98b8c34b274c379f09b2fc534be4073c030e917617d072b2bd26dfeaa463f7b89234b54713237f6ea4169a0c97a93026fe537f5733db1c2dc1219625019c4b553033ab63a17a94949a699b851b53019019ad80f55631843f693d184c2256e3454e6763950157cc5ae6f910c549622684081fccf13821a3da08e3b78177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b8806438d2e42135e85e86064282b8fe43ab8ebdf8220354cca2cdf79e69954687ea00e613149594ab22924229ee8ac90d01b0a6766d7ad70ce2661cd44446b8dbed5ec992a7452aace47d0be13a5562b132a8799bbce7362f389f588b0c66335839b34ebfc315bb63ccd601cc4f3596a492d2028b1a71e2c338a402fc14370a976a209edb9ff0873681eb2b6d27c2f264631d5a389a70d23ab1b5c805f6c045d91a3e96b1bf9a768ae71b1ffe3dd4bdc3c06fe0e69a43c65d44280917b99f2962c30b40e966628c4d81fe0e8c03802e16d94afd2d9e0b4bb1b88ce6c6f91bde86d35840f6d73da4f40af12dbc549ea2b81c2daa507b0e7d8f90c2eeda4377fb721a06224b7cf2f064211bd75dc9512cc3d0d05367c7e7816e6bf415b4bd1330b70ef8d3602479481e84664aec40a520ae451d1d2875d7a0f7cfee34cf144835a387ed2d6ae93fe34e6bc45460978a51236ff3ee3a7794f0c38429c17282d9207a82953863db7249a3ce59bcfb0fca2796857e5478e9f86c187b153ce503c74918d60f3be28ce59a8d09c81b83d0a55987363c58e2e8dc7b9fa334129e8cb2e6f96eea5db8d7f5b2792babd34873b2d40152e91e9dcd3c45447413df7b7ae7fbca7daa2098e01c66f42873569ebe302f3931ac74fe8b285f8f4d5c61af0fa7378853af60022c5eaddf45fdb3bc0617460ab0854c2036074faae84576ff1f731df0f61a57d5d596f56e2e08c3f31d044e868a3506b405a93b2e4e94ae0e0db4cedce15d8serviceorg.fedoraproject.FirewallD1.server.policy.choicerootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootfirewalld-0.5.5-lp150.2.22.2.src.rpmconfig(firewalld)firewalld@ @    @/bin/bash/bin/sh/bin/sh/bin/sh/bin/sh/usr/bin/python3config(firewalld)coreutilsdiffutilsebtablesfillupgrepipsetiptablespython3-firewallrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)sysconfigsystemdsystemdsystemdsystemdtypelib(GObject)0.5.5-lp150.2.22.20.5.53.0.4-14.6.0-14.0-15.2-14.14.1\A[0[Ѱ@[$@[t[[v[h8@[?Y[Zz@Z3@Z̧@ZZZZZs@Z;@Z@ZOZ@Zr@Z }Z ,@ZY6@XXXEVX)@X2@WiW@W{@WrfWj}WXWM|W,@W#LWV޾VՄ@V2V@V@VHMichał Rostecki Marketa Calabkova Markos Chandras Markos Chandras Markos Chandras Markos Chandras mchandras@suse.demchandras@suse.demchandras@suse.desbrabec@suse.commchandras@suse.desbrabec@suse.comsbrabec@suse.commchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.dedimstar@opensuse.orgmchandras@suse.derbrown@suse.commpluskal@suse.commchandras@suse.demchandras@suse.dempluskal@suse.commchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.dejengelh@inai.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.demchandras@suse.dejslaby@suse.commchandras@suse.de- Add upstream patch to fix the error in --runtime-to-permanent option about 'settings' variable being referenced before assignment. This error occurs only when NetworkManager is not used. (bsc#1122151) * 0001-firewalld-fix-runtime-to-permanent-if-NM-not-in-use.patch- Import SUSE translations (boo#1108832) * added firewalld-0.5.5-po-20181105.tar.xz- Add upstream patch to fix a python stacktrace when getting the zone for a NetworkManager connection (bsc#1106319) * 0001-firewall-core-fw_nm-nm_get_zone_of_connection-should.patch- Add adapted upstream patch to make --reload/--complete-reload forget the runtime configuration and always load the permanent one (bsc#1112008) * 0001-firewall-core-Always-reload-the-permanent-configurat.patch- Add upstream patch to mark more strings as translatable (bsc#1096542) * 0001-Fix-translating-labels-392.patch - Add upstream patches to fix NetworkManager integration (bsc#1109074) * 0001-fw_nm-Make-nm_get_zone_of_connection-only-check-perm.patch * 0002-firewall-cmd-On-getZoneOfInterface-only-ask-NM-for-p.patch * 0003-firewall-cmd-For-non-permanent-interface-changes-don.patch * 0004-fw_nm-New-function-to-get-all-interfaces-from-NM.patch * 0005-fw_nm-Add-nm_get_interfaces_in_zone.patch * 0006-firewall-cmd-Ask-NM-when-listing-permanent-interface.patch * 0007-firewall-cmd-Allow-passing-extra-interfaces-to-print.patch - Add upstream patch to fix ifcfg ZONE attribute on permanent firewall changes (bsc#1109153) * 0001-ifcfg-Modify-ZONE-on-permanent-config-changes.patch- Update to 0.5.5 (bsc#1108420) * update translations * firewall/core/fw_nm: nm_get_zone_of_connection should return None or empty string instead of False * fw: If direct rules fail to apply add a "Direct" label to error msg * fw: if startup fails on reload, reapply non-perm config that survives reload - spec-cleaner fixes- Update to 0.5.4 (bsc#1105170) * update translations * fw: if failure occurs during startup set state to FAILED * fw_direct: avoid log for untracked passthrough queries * firewall-config: fix some untranslated strings * Rich Rule Masquerade inverted source-destination in Forward Chain * don't forward interface to zone requests to NM for generated interfaces * firewall-cmd: add --check-config option * firewall-offline-cmd: add --check-config option * ipset: check type when parsing ipset definition * firewall-config: Add ipv6-icmp to the protocol dropdown box * core: logger: Remove world-readable bit from logfile * IPv6 rpfilter: explicitly allow neighbor solicitation - Remove patches that have made it upstream: * 0001-firewall-config-fix-some-untranslated-strings.patch * 0001-firewall-config-Add-ipv6-icmp-to-the-protocol-dropdo.patch * 0001-core-logger-Remove-world-readable-bit-from-logfile-3.patch * firewalld-0.5.3-po-20180417.tar.xz- Mark more strings as translatable when creating rich rules (bsc#1096542) * 0001-firewall-config-fix-some-untranslated-strings.patch- Backport the following upstream fixes: * Add missig ipv6-icmp protocol to UI drop-down list (bsc#1099698) - 0001-firewall-config-Add-ipv6-icmp-to-the-protocol-dropdo.patch * Drop global read permissions from the log file (bsc#1098986) - 0001-core-logger-Remove-world-readable-bit-from-logfile-3.patch- Merge SUSE translations to version 0.5.3, fix typos (boo#1094051, add firewalld-0.5.3-po-20180417.tar.xz, remove firewalld-po-20180417.tar.xz).- Update to 0.5.3 (bsc#1093120) * tests/regression: add test for ipset with timeout * ipset: allow adding entries to ipsets with timeout * translations: update * helpers: load helper module explicitly if no port given * helpers: nf_conntrack_proto-* helpers needs name cropped * config/Makefile: correct name of proto-gre helper * tests/regression: test helper nf_conntrack_proto_gre (#263) * functions: get_nf_nat_helpers() should look in other directories too * functions: Allow nf_conntrack_proto_* helpers * services: Add GRE * helpers: Add proto-gre * tests/regression: add test to verify ICMP block in forward chain * ipXtables: fix ICMP block not being present in FORWARD chain- Translations update to version 20180417 (bsc#1081623): * Minor fixes of ar, ko, nl.- Translations update (bsc#1081623).- Backport upstream patches to add additional services (bsc#1082033) * firewalld-add-additional-services.patch- Update to 0.5.2 * fix rule deduplication causing accidental removal of rules * log failure to parse direct rules xml as an error * firewall-config: Break infinite loop when firewalld is not running (bsc#1082470, bsc#1085205) * fix set-log-denied not taking effect * po: update translations - Remove obsolete patches which are now upstream * 0001-src-firewall-config-Fix-default-value-for-dialog-but.patch * 0002-src-firewall-config-Break-infinite-loop-when-firewal.patch- Update to 0.5.1 (bsc#1084026) * ipXtables: fix iptables-restore wait option detection * python3: use "foo in dict" not dict.has_key(foo) * Fix potential python3 keys() incompatibility in watcher * Fixed python3 compatibility * ebtables: fix missing default value to set_rule() * fw_zone: fix invalid reference to __icmp_block_inversion * zones: Correct and defer check_name for combined zones * firewallctl: mark deprecated (gh#firewalld/firewalld##261) * Add nmea-0183 service * Add sycthing-gui service * Add syncthing service * Adding FirewallD jenkins service (gh#firewalld/firewalld#256) * services/high-availability: Add port 9929 * Fix and improve firewalld-sysctls.conf * firewalld: also reload dbus config interface for global options * Add MongoDB service definition * src: firewall: Add support for SUSE ifcfg scripts * Add UPnP client service * firewalld: Allow specifying log file location * firewalld/firewall-offline-cmd: Allow setting system config directories - Drop obsolete patch * 0001-suse-ifcfg-files.patch - Drop tests installation- Add upstream patches to fix endless loop in firewall-config when firewalld is not running (bsc#1082470) * 0001-src-firewall-config-Fix-default-value-for-dialog-but.patch * 0002-src-firewall-config-Break-infinite-loop-when-firewal.patch- Remove high-availability service. SUSE HA uses the cluster service provided by the yast2-cluster package (bsc#1078223)- Introduce new python3-firewall and firewall-macros subpackages. The first one contains the firewalld python3 bindings and the second one contains the RPM macros for firewalld.- Replace dbus-1-python requires with dbus-1-python3: since firewalld was migrated to python3, we also have to require the python3 dependencies (boo#1070310).- Add missing python3-gobject-Gdk dependency (boo#1069952)- Replace references to /var/adm/fillup-templates with new %_fillupdir macro (boo#1069468)- Make sure to use python3 everywhere (boo#1068778)- Add combined upstream patch to support SUSE ifcfg network files. * 0001-suse-ifcfg-files.patch (gh#firewalld/firewalld#262, fate#323460)- Update to version 0.4.4.6 * firewall.core.fw_config: Fix check for icmp builtin name * config.services: docker-swarm: fix incorrect attribute * xmlschema/service.xsd: Fix protocol looking for name instead of value * Add docker swarm service (gh#firewalld/firewalld#230) * Adding FirewallD redis service (gh#firewalld/firewalld#248) * Adding firewalld zabbix server and agent services (gh#firewalld/firewalld#221) * firewall-offline-cmd: Don't require root for help output * doc: firewall-cmd: Document --query-* options return codes * firewall-cmd: Use colors only if output is a TTY * core: Log unsupported ICMP types as informational only * add bgp service to predefined services edit to config/Makefile.am * Add git service * Add kprop service * minidlna definitions (gh#firewalld/firewalld#236) * SpiderOak ONE listens on port 21327 and 21328 * autogen.sh: Allow skipping configure via NOCONFIGURE env var * Add missing ports to RH-Satellite-6 service * Reload nf_conntrack sysctls after the module is loaded * Add NFSv3 service. * config/Makefile.am: Add murmur service (a95eed1) * add new service IRC * firewall.core.prog: Simplify runProg output: Combine stderr and stdout * firewall.core.fw: Fix possible dict size change in for loop * firewall.core.fw: Use new firewalld git repo in firewalld organization * config/firewall-config.appdata.xml.in: Use new firewalld git repo in firewalld organization * firewall.core.fw_zone: Rich-rule ICMP type: Error only for conflicting family * firewall.core.rich: Add checks for Rich_Source validation * Handle also IPv6 with the zone masquerade flag * Add IPv6 support for forward-ports in zones * firewall.command: Enable parse_forward_port to work with IPv6 adresses * firewall.core.fw_zone: Fix IPv6 address in rich rule forward ports * add Murmur (Mumble server) service - spec file fixes to avoid rpmlint warnings about duplicate files.- Switch to python3 - Run spec cleaner - Move autogen to build section - Add systemd requirements- Update to version 0.4.4.5 * firewall-offline-cmd: Fix --remove-service-from-zone option (rh#1438127) * Support sctp and dccp in ports, source-ports, forward-ports, helpers and rich rules * firewall-cmd: Fix --{set,get}-{short,description} for zone * firewall.core.ipXtables: Use new wait option for restore commands if available * Adding ovirt-vmconsole service file * Adding oVirt storage-console service. * Adding ctdb service file. * Adding service file for nrpe. * Rename extension for policy choices (server and desktop) to .policy.choice (rh#1449754) * D-Bus interfaces: Fix GetAll for interfaces without properties (rh#1452017) * firewall.core.fw_config: Fix wrong variable use in repr output * firewall.core.fw_icmptype: Add missing import for copy * firewall.core.fw_test: Fix wrong format string in repr * firewall.core.io.zone: Fix getattr use on super(Zone) * firewall.functions: New function get_nf_nat_helpers * firewall.core.fw: Get NAT helpers and store them internally. * firewall.core.fw_zone: Load NAT helpers with conntrack helpers * firewalld.dbus: Add missing properties nf_conntrach_helper_setting and nf_conntrack_helpers * firewall.server.firewalld: New property for NAT helpers supported by the kernel- Update to version 0.4.4.4 * Drop references to fedorahosted.org from spec file and Makefile.am * firewall-config: Show invalid ipset type in the ipset dialog in the bad label * firewall.core.fw: Show icmptypes and ipsets with type errors in permanent env * firewall.server.firewalld: Provide information about the supported icmp types * firewall.core.fw_icmptype: Add ICMP type only if the type is supported * firewall.core.fw: New attributes ip{4,6}tables_supported_icmp_types * firewall.core.ipXtables: New method supported_icmp_types * firewall-config: Deactivate edit buttons if there are no items * firewall.core.io.zone: Fix permanent rich rules using icmp-type (rh#1434594) * firewall.core.fw_ipset: get_ipset may not ckeck if set is applied by default * firewall.core.fw_transaction: Use LastUpdatedOrderedDict for zone transactions - Remove upstream patch: * 0001-firewall.core.fw_ipset-get_ipset-may-not-ckeck-if-se.patch- Update to version 0.4.4.3 * New service freeipa-trust (rh#1411650) * Complete icmp types for IPv4 and IPv6 * New h323 helper container * Support helper container: h323 * firewall.server.decorators: ALREADY_ errors should be logged as warnings * firewall.command: ALREADY_SET should also result in zero exit code * tests/firewall-offline-cmd_test.sh: Only use firewall-offline-cmd * Support more ipset types: hash:ip,port, hash:ip,port,ip, hash:ip,port,net, hash:ip,mark, hash:net,net, hash:net,port, hash:net,port,net, hash:net,iface * New checks for ipset entry validation * Use ipset dimension for match * firewall.core.base: New ZONE_SOURCE_IPSET_TYPES list * New firewall.core.icmp providing names and types for icmp and icmpv6 values * firewall.core.fw_ipset: New methods to get ipset dimension and applied state * firewall.errors: New error NOT_APPLIED * firewall-cmd man page: Add missing --get-ipset-types * firewall.core.fw_nm: No trace back on failed get_connection call (rh#1413345) * firewall.core.prog: Fix addition of the error output in runProg * Speed up ipset handling, (re)loading and import from file * Support --family option for --new-ipset * Handle FirewallError for query sequences in command line tools * Fail to alter entries of ipsets with timeout * Extended tests for ipset options * Return empty list for ipsets using timeouts * firewall.functions: Fix checks in checkIPnMask and checkIP6nMask (gh#t-woerner/firewalld#186) * firewalld.conf man page: New section about AutomaticHelpers * firewall-offline-cmd man page: Added -v and -q options, fixed section ids * firewall{-cmd, ctl}: Fix scope of final return in try_set_zone_of_interface * firewall.core.fw_zone: Limit masquerading forward rule to new connections * firewall-config: Update active zones on reloaded signal * firewall-applet: Update active zones and tooltip on reloaded signal * firewall.core.fw_zone: Fix missing chain for helper in rich rules using service (rh#1416578) * Support icmp-type usage in rich rules (rh#1409544) * firewall[-offline]-cmd: Fix --{set,get}-{short,description} for ipset and helper (rh#1416325) * firewall.core.ipset: Solve ipset creation issues with -exist and more flag tests * Speed up start and restart for ipsets with lots of entries (rh#1416817) * Speed up of ipset alteration by adding and removing entries using a file (rh#1416817) * Code cleanup and minor bug fixes * firewall.core.prog: Fix addition of the error output in runProg * New services mssql, kibana, elasticsearch, quassel, bitcoin-rpc, bitcoin-testnet-rpc, bitcoin-testnet, bitcoin and spideroak-lansync * Translation updates - Add upstream patch to fix ipset overloading from /etc/firewalld/ipsets (gh#t-woerner/firewalld#206) * 0001-firewall.core.fw_ipset-get_ipset-may-not-ckeck-if-se.patch- Update to version 0.4.4.2 * firewalld.spec: Added helpers and ipsets paths to firewalld-filesystem * firewall.core.fw_nm: create NMClient lazily * Do not use hard-coded path for modinfo, use autofoo to detect it * firewall.core.io.ifcfg: Dropped invalid option warning with bad format string * firewall.core.io.ifcfg: Properly handle quoted ifcfg values * firewall.core.fw_zone: Do not reset ZONE with ifdown * Updated translations from zanata * firewall-config: Extra grid at bottom to visualize firewalld settings- Update to version 0.4.4.1 * Translation updates form zanata * firewallctl: New support for helpers * firewallctl: Use sys.excepthook to force exception_handler usage always * firewall-config: Use proper source check in sourceDialog- Update to version 0.4.4 * firewall-applet: Use PyQt5 * firewall-config: New nf_conntrack_select dialog, use nf_conntrack_helpers D-Bus property * New helpers Q.931 and RAS from nf_conntrack_h323 * firewall.core.fw_zone: Add zone bingings for PREROUTING in the raw table * firewall.core.ipXtables: Add PREROUTING default rules for zones in raw table * New helper configuration files for amanda, ftp, irc, netbios-ns, pptp, sane, sip, snmp and tftp * firewall-cmd: Fixed --{get,set}-{description,short} for permanent zones * firewall.command: Do not use error code 254 for {ALREADY,NOT}_ENABLED sequences * Misc bug fixes. * For the complete list of changes please see: https://github.com/t-woerner/firewalld/releases/tag/v0.4.4- Relax permissions for default installation files. The files in /usr/lib/firewalld are the default ones as shipped by the package and there is nothing secret in them.- Update to version 0.4.3.3 * Fixes CVE-2016-5410 (bsc#992772) * Standard error is now used for errors and warnings * Several fixes for use in change roots * Systemd service file changes * Fixed translations in firewall-config * Command line clients * Fixes infinite event handling loop in firewall-{config,applet} (bsc#992082)- Update to version 0.4.3.2 * Fix regression with unavailable optional commands * All missing backend messages should be warnings * Individual calls for missing restore commands * Only one authenticate call for add and remove options and also sequences * New service RH-Satellite-6- Update to version 0.4.3.1 * firewall.command: Fix python3 DBusException message not interable error * src/Makefile.am: Fix path in firewall-[offline-]cmd_test.sh while installing * firewallctl: Do not trace back on list command without further arguments * firewallctl (man1): Added remaining sections zone, service, .. * firewallctl: Added runtime-to-permanent, interface and source parser, IndividualCalls setting * firewall.server.config: Allow to set IndividualCalls property in config interface * Fix missing icmp rules for some zones * runProg: Fix issue with running programs * firewall-offline-cmd: Fix issues with missing system-config-firewall * firewall.core.ipXtables: Split up source and dest addresses for transaction * firewall.server.config: Log error in case of loading malformed files in watcher * Install and package the firewallctl man page * Translation updates- Update to version 0.4.3 * New firewallctl utility (rh#1147959) * doc.xml.seealso: Show firewalld.dbus in See Also sections * firewall.core.fw_config: Create backup on zone, service, ipset and icmptype removal (rh#1339251) * {zone,service,ipset,icmptype}_writer: Do not fail on failed backup * firewall-[offline-]cmd: Fix --new-X-from-file options for files in cwd * firewall-cmd: Dropped duplicate setType call in --new-ipset * radius service: Support also tcp ports (RBZ#1219717) * xmlschemas: Support source-port, protocol, icmp-block-inversion and ipset sources * config.xmlschema.service.xsd: Fix service destination conflicts (rh#1296573) * firewall-cmd, firewalld man: Information about new NetworkManager and ifcfg * firewall.command: Only print summary and description in print_X_info with verbose * firewall.command: print_msg should be able to print empty lines * firewall-config: No processing of runtime passthroughs signals in permanent * Landspace.io fixes and pylint calm downs * firewall.core.io.zone: Add zone_reader and zone_writer to all, pylint fixes * firewall-config: Fixed titles of command and context dialogs, also entry lenths * firewall-config: pylint calm downs * firewall.core.fw_zone: Fix use of MAC source in rich rules without ipv limit * firewall-config: Use self.active_zoens in conf_zone_added_cb * firewall.command: New parse_port, extended parse methods with more checks * firewall.command: Fixed parse_port to use the separator in the split call * firewall.command: New [de]activate_exception_handler, raise error in parse_X * services ha: Allow corosync-qnetd port * firewall-applet: Support for kde5-nm-connection-editor * tests/firewall-offline-cmd_test.sh: New tests for service and icmptype modifications * firewall-offline-cmd: Use FirewallCommand for simplification and sequence options * tests/firewall-cmd_test.sh: New tests for service and icmptype modifications * firewall-cmd: Fixed set, remove and query destination options for services * firewall.core.io.service: Source ports have not been checked in _check_config * firewall.core.fw_zone: Method check_source_port is not used, removed * firewall.core.base: Added default to ZONE_TARGETS * firewall.client: Allow to remove ipv:address pair for service destinations * tests/firewall-offline-cmd_test.sh: There is no timeout option in permanent * firewall-cmd: Landscape.io fixes, pylint calm downs * firewall-cmd: Use FirewallCommand for simplification and sequence options * firewall.command: New FirewallCommand for command line client simplification * New services: kshell, rsh, ganglia-master, ganglia-client * firewalld: Cleanup of unused imports, do not translate some deamon messages * firewalld: With fd close interation in runProg, it is not needed here anymore * firewall.core.prog: Add fd close iteration to runProg * firewall.core.fw_nm: Hide NM typelib import, new nm_get_dbus_interface function * firewalld.spec: Require NetworkManager-libnm instead of NetworkManager-glib * firewall-config: New add/remove ipset entries from file, remove all entries * firewall-applet: Fix tooltip after applet start with connection to firewalld * firewall-config: Select new zone, service or icmptype if the view was empty * firewalld.spec: Added build requires for iptables, ebtables and ipset * Adding nf_conntrack_sip module to the service SIP * firewall: core: fw_ifcfg: Quickly return if ifcfg directory does not exist * Drop unneeded python shebangs * Translation updates - Remove obsolete patches: * 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch * 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch * 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch - Add missing %{?_smp_mflags} during install. This will speed up the installation phase as well as expose build system's problems due to higher level of parallelism. - Run make during %build to ensure missing documentation is generated. - spec file cleanups.- Add upstream patch to prevent unconditional dependencies to the NetworkManager typelib (gh#t-woerner/firewalld#119) * 0003-firewall.core.fw_nm-Hide-NM-typelib-import-new-nm_ge.patch- Update to version 0.4.2 * New module to search for and change ifcfg files for interfaces not under control of NM * firewall_config: Enhanced messages in status bar * firewall-config: New message window as overlay if not connected * firewall-config: Fix sentivity of option, view menus and main paned if not connected * firewall-applet: Quit on SIGINT (Ctrl-C), reduced D-Bus calls, some cleanup * firewall-[offline]cmd: Show target in zone information * D-Bus: Completed masquerade methods in FirewallClientZoneSettings * Fixed log-denied rules for icmp-blocks * Keep sorting of interfaces, services, icmp-blocks and other settings in zones * Fixed runtime-to-permanent not to save interfaces under control of NM * New icmp-block-inversion flag in the zones * ICMP type filtering in the zones * New services: sip, sips, managesieve * rich rules: Allow destination action (rh#1163428) * firewall-offline-cmd: New option -q/--quiet * firewall-[offline-]cmd: New --add-[zone,service,ipset,icmptype]-from-file * firewall-[offline-]cmd: Fix option for setting the destination address * firewall-config: Fixed resizing behaviour * New transaction model for speed ups in start, restart, stop and other actions * firewall-cmd: New options --load{zone,service,ipset,icmptype}-defaults * Fixed memory leak in dbus_introspection_add_properties * Landscape.io fixes, pylint calm downs * New D-Bus getXnames methods to speed up firewall-config and firewall-cmd * ebtables-restore: No support for COMMIT command * Source port support in services, zones and rich rules * firewall-offline-cmd: Added --{add,remove}-entries-from-file for ipsets * firewall-config: New active bindings side bar for simple binding changes * Reworked NetworkManager module * Proper default zone handling for NM connections * Try to set zone binding with NM if interface is under control of NM * Code cleanup and bug fixes * Include test suite in the release and install in /usr/share/firewalld/tests * New Travis-CI configuration file * Fixed more broken frensh translations * Translation updates - Add upstream patches * 0001-src-firewall-core-Drop-unneeded-python-shebangs.patch: Removes unneeded python shebangs * 0002-firewall-core-fw_ifcfg-Quickly-return-if-ifcfg-direc.patch: Do not try to access the network-scripts ifcfg directory. - Drop rejected patch * drop-standard-output-error-systemd.patch - Minor spec file clean-up- Avoid runtime dependency on systemd, the macros can all deal with its absence.- Suggest the susefirewall2-to-firewalld package which could assist in migrating the SuSEFirewall2 iptables rules to FirewallD.- Update to version 0.4.1.2 * Install fw_nm module * firewalld: Do not fail if log file could not be opened * Make ipsets visible per default in firewall-config * Fixed translations with python3 [changes in 0.4.1.1] * Fix for broken frensh translation [changes in 0.4.1] * Enhancements of ipset handling * No cleanup of ipsets using timeouts while reloading * Only destroy conflicting ipsets * Only use ipset types supported by the system * Add and remove several ipset entries in one call using a file * Reduce time frame where builtin chains are on policy DROP while reloading * Include descriptions in --info-X calls * Command line interface support to get and alter descriptions of zones, * services, ipsets and icmptypes with permanent option * Properly watch changes in combined zones * Fix logging in rich rule forward rules * Transformed direct.passthrough errors into warnings * Rework of import structures * Reduced calls to get ids for port and protocol names (rh#1305434) * Build and installation fixes by Markos Chandras * Provide D-Bus properties in introspection data * Fix for flaws found by landscape.io * Fix for repeated SUGHUP * New NetworkManager module to get and set zones of connections, used in firewall-applet and firewall-config * configure: Autodetect backend tools ({ip,ip6,eb}tables{,-restore}, ipset) * Code cleanups * Bug fixes - Fix drop-standard-output-error-systemd.patch tagging - Add libxslt-tools build dependency- Do not recommend a specific version for the lang subpackage- Move translations to a new subpackage- Set DISABLE_RESTART_ON_UPDATE to 'yes' instead of '1'. The macros in /etc/rpm/macros.systemd only check for the 'yes' value so fix it to properly prevent the firewalld service from being restarted during updates.- Drop typelib(NetworkManager), NetworkManager-glib, gtk3 and libnotify dependencies (see OBS SR#360792)- firewall-config needs typelib(NetworkManager) to run- Initial commit. Version 0.4.0 * drop-standard-output-error-systemd.patch (gh#t-woerner/firewalld/pull/67)/bin/sh/bin/sh/bin/sh/bin/shlamb57 1553531785  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~     0.5.5-lp150.2.22.20.5.5-lp150.2.22.2     dbus-1system.dFirewallD.conffirewalldfirewalld.confhelpersicmptypesipsetslockdown-whitelist.xmlserviceszonesmodprobe.dfirewalld-sysctls.conffirewall-cmdfirewall-offline-cmdfirewallctlfirewalldhelpersQ.931.xmlRAS.xmlamanda.xmlftp.xmlh323.xmlirc.xmlnetbios-ns.xmlpptp.xmlproto-gre.xmlsane.xmlsip.xmlsnmp.xmltftp.xmlicmptypesaddress-unreachable.xmlbad-header.xmlbeyond-scope.xmlcommunication-prohibited.xmldestination-unreachable.xmlecho-reply.xmlecho-request.xmlfailed-policy.xmlfragmentation-needed.xmlhost-precedence-violation.xmlhost-prohibited.xmlhost-redirect.xmlhost-unknown.xmlhost-unreachable.xmlip-header-bad.xmlneighbour-advertisement.xmlneighbour-solicitation.xmlnetwork-prohibited.xmlnetwork-redirect.xmlnetwork-unknown.xmlnetwork-unreachable.xmlno-route.xmlpacket-too-big.xmlparameter-problem.xmlport-unreachable.xmlprecedence-cutoff.xmlprotocol-unreachable.xmlredirect.xmlreject-route.xmlrequired-option-missing.xmlrouter-advertisement.xmlrouter-solicitation.xmlsource-quench.xmlsource-route-failed.xmltime-exceeded.xmltimestamp-reply.xmltimestamp-request.xmltos-host-redirect.xmltos-host-unreachable.xmltos-network-redirect.xmltos-network-unreachable.xmlttl-zero-during-reassembly.xmlttl-zero-during-transit.xmlunknown-header-type.xmlunknown-option.xmlipsetsREADMEservicesRH-Satellite-6.xmlamanda-client.xmlamanda-k5-client.xmlamqp.xmlamqps.xmlapcupsd.xmlbacula-client.xmlbacula.xmlbgp.xmlbitcoin-rpc.xmlbitcoin-testnet-rpc.xmlbitcoin-testnet.xmlbitcoin.xmlceph-mon.xmlceph.xmlcfengine.xmlcondor-collector.xmlctdb.xmldhcp.xmldhcpv6-client.xmldhcpv6.xmldistcc.xmldns.xmldocker-registry.xmldocker-swarm.xmldropbox-lansync.xmlelasticsearch.xmletcd-client.xmletcd-server.xmlfinger.xmlfreeipa-ldap.xmlfreeipa-ldaps.xmlfreeipa-replication.xmlfreeipa-trust.xmlftp.xmlganglia-client.xmlganglia-master.xmlgit.xmlgre.xmlhttp.xmlhttps.xmlimap.xmlimaps.xmlipp-client.xmlipp.xmlipsec.xmlirc.xmlircs.xmliscsi-target.xmljenkins.xmlkadmin.xmlkerberos.xmlkibana.xmlklogin.xmlkpasswd.xmlkprop.xmlkshell.xmlldap.xmlldaps.xmllibvirt-tls.xmllibvirt.xmlmanagesieve.xmlmdns.xmlminidlna.xmlmongodb.xmlmosh.xmlmountd.xmlmqtt-tls.xmlmqtt.xmlms-wbt.xmlmssql.xmlmurmur.xmlmysql.xmlnfs.xmlnfs3.xmlnmea-0183.xmlnrpe.xmlntp.xmlnut.xmlopenvpn.xmlovirt-imageio.xmlovirt-storageconsole.xmlovirt-vmconsole.xmlpmcd.xmlpmproxy.xmlpmwebapi.xmlpmwebapis.xmlpop3.xmlpop3s.xmlpostgresql.xmlprivoxy.xmlproxy-dhcp.xmlptp.xmlpulseaudio.xmlpuppetmaster.xmlquassel.xmlradius.xmlredis.xmlrpc-bind.xmlrsh.xmlrsyncd.xmlsalt-master.xmlsamba-client.xmlsamba.xmlsane.xmlsip.xmlsips.xmlslp.xmlsmtp-submission.xmlsmtp.xmlsmtps.xmlsnmp.xmlsnmptrap.xmlspideroak-lansync.xmlsquid.xmlssh.xmlsvdrp.xmlsvn.xmlsyncthing-gui.xmlsyncthing.xmlsynergy.xmlsyslog-tls.xmlsyslog.xmltelnet.xmltftp-client.xmltftp.xmltinc.xmltor-socks.xmltransmission-client.xmlupnp-client.xmlvdsm.xmlvnc-server.xmlwbem-http.xmlwbem-https.xmlwsman.xmlwsmans.xmlxdmcp.xmlxmpp-bosh.xmlxmpp-client.xmlxmpp-local.xmlxmpp-server.xmlzabbix-agent.xmlzabbix-server.xmlxmlschemacheck.shicmptype.xsdipset.xsdservice.xsdzone.xsdzonesblock.xmldmz.xmldrop.xmlexternal.xmlhome.xmlinternal.xmlpublic.xmltrusted.xmlwork.xmlfirewalld.servicefirewalldrcfirewalldcompletionsfirewall-cmdfirewalldREADMEsysconfig.firewalldfirewalldCOPYINGfirewall-cmd.1.gzfirewall-offline-cmd.1.gzfirewallctl.1.gzfirewalld.1.gzfirewalld.conf.5.gzfirewalld.dbus.5.gzfirewalld.direct.5.gzfirewalld.helper.5.gzfirewalld.icmptype.5.gzfirewalld.ipset.5.gzfirewalld.lockdown-whitelist.5.gzfirewalld.richlanguage.5.gzfirewalld.service.5.gzfirewalld.zone.5.gzfirewalld.zones.5.gzpolkit-1actionsorg.fedoraproject.FirewallD1.desktop.policy.choiceorg.fedoraproject.FirewallD1.policyorg.fedoraproject.FirewallD1.server.policy.choice/etc//etc/dbus-1//etc/dbus-1/system.d//etc/firewalld//etc/modprobe.d//usr/bin//usr/lib//usr/lib/firewalld//usr/lib/firewalld/helpers//usr/lib/firewalld/icmptypes//usr/lib/firewalld/ipsets//usr/lib/firewalld/services//usr/lib/firewalld/xmlschema//usr/lib/firewalld/zones//usr/lib/systemd/system//usr/sbin//usr/share/bash-completion//usr/share/bash-completion/completions//usr/share/doc/packages//usr/share/doc/packages/firewalld//usr/share/fillup-templates//usr/share/licenses//usr/share/licenses/firewalld//usr/share/man/man1//usr/share/man/man5//usr/share//usr/share/polkit-1//usr/share/polkit-1/actions/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:9867/openSUSE_Leap_15.0_Update/869a01324cf28c51b5c249b6b0b890eb-firewalld.openSUSE_Leap_15.0_Updatedrpmxz5noarch-suse-linux directoryXML 1.0 document, ASCII textASCII textPython script, ASCII text executableXML 1.0 document, ASCII text, with CRLF line terminatorsXML 1.0 document, ASCII text, with very long linesBourne-Again shell script, ASCII text executabletroff or preprocessor input, ASCII text, with very long lines (gzip compressed data, max compression, from Unix)troff or preprocessor input, UTF-8 Unicode text, with very long lines (gzip compressed data, max compression, from Unix)RRRRRRRR\r̅vlzfirewalld-langsusefirewall2-to-firewalldutf-8ccf62ad8cc38b75decbfbe2e5dd0210cb5b352dfa795ba3a0bce31cb901899e0?@7zXZ !t/)&]"k% ӆ 8XQ%Ǹ܉Hi II\zcCuaq81^|i$^d? N~c;u!&؇[v1Q0 pέsT5 _E˶5&N:4mCz{'ˤ넄zSu-έ;be%ɬwu'IQ '|Ʊ/QvaT3 ?BKrJ%ʛDxL)n3WKQɭ{ܰbwβǂ G%KIT7 ޽s9o BT Y VФo<:s\h>T#)-pLxݫW޿R`@'qA ضL+GYA{i2eqt{F\֝*u2v$3ź#\p.aa8w|xjѩI8oK18~2L7*yAª٦W`?T9R(d\2G#Iwq K7+EGHZ%=dHGױX.>"ϏazT;G0;j ^z5-'ZvQyI s^=*H7j3#Fx^Du[Xs@%qRq X]Xtmn5 `>A拣L)He}-Z굓9)Ωyp6* K|Y 7,b̕d:\*W?'!)i$u4P+ǻr({Y 6!1 SB4P=.-2!ϭ_4W>Y%Y}`DwaT&v|{Y7 b@a+)bq_P9jx˰uk!pE< df)_00-jP&UP'TH`aܭ؉QʻF|B-Db _.?c}G'q*}C~Mj)g5H_-GޞAFS*1؀|ebpob$d}gKx's*44Y,(դ2`%*"/X$U2];A+|*3c[)0cOJ|^'T0 .3 l _YG4rZvn]ڼb+X_%t9hR zaD`ݜ/l$N>q(Et5U@ǣf.t"OeFǺ{ܤC@qfoTr@y$xE).GAw?L5e7yoK؇AȉVJA;u< nђ9# 3դ]u;_=|#\i֍K9RwNSQ\/38NO[⢱I2}cg4 G(>@X "~QuF`Hpx!מDuo&azXlAoۖB27HތtBX d97+H} 5傜nMi_IC`ceWf3 o6@CPV`Qc?B&.N^hNV.:lD,] |4Nd>(Õ:k٦MP &>  ỳI Bj؅,gj4x["|%I9 e`wPD&m҂JQ 4{6. 6l!>/\45]xvZ.(kVWJlS ܹJ{9_a n92dxeѧӏK@;)%xCBM6Q5N\D'%N_Fkbf Yg'/Y/= mm7v9 B2 owwZȂ=(!MA<)PM)rwjoq-s'x5ZŁe(;~g2ţ434qYl2_`-HNlr~') G ˽r1ҍ9/>|Ǡ8 f|A  q'8d ~ﻜ$omxY{eڪ8FP="L>>nrqaqqaՄ\e[90pw Fzg2V-&-L;L7!](}kD]V {^>pNR%- YZ